LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fighting fork bombs

Fighting fork bombs

Posted Mar 31, 2011 2:44 UTC (Thu) by jengelh (subscriber, #33263)
Parent article: Fighting fork bombs

>once a process exits, all of its children are reparented to the init process. That causes a flattening of the tree structure and makes it hard to identify all of the processes involved in the attack.

Eh.. this sounds very much like a case that cgroups can handle. systemd is said to use them already to kill all processes spawned from a master even if the children have detached and reparented (think sshd).

Given that, the oom-killer may be tuned to group killable targets by cgroup rather than just tgid/tid.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds